Sign in with
Sign up | Sign in
Your question

Security and open wifi hotspots

Last response: in Wireless Networking
Share
Anonymous
a b 8 Security
August 16, 2004 3:04:52 PM

Archived from groups: alt.internet.wireless (More info?)

A friend asked me something but as I know nothing about wifi I couldn't
answer it. I'm hoping someone here can :o )

If he takes his laptop into a cafe or a bar where there is an open wifi
hotspot (presumably these are called access points??) and say, for instance,
he logs on to his ISPs mail server to pick up his email through that access
point, how secure is that connection? Would the login info for his email
server be cached anywhere for the owner of the access point (or anyone else
for that matter) to see after he's left the cafe?

Sorry if these are really basic questions but as they say on "Who Wants to
be a Millionaire?" the questions are only easy if you know the answers :o )

Cheers,

Mogweed
Anonymous
a b 8 Security
August 16, 2004 3:04:53 PM

Archived from groups: alt.internet.wireless (More info?)

"Mogweed" <mogweedTWOTHOUSAND@hotmail.com> wrote in message
news:cfq4ck$j5q$1@titan.btinternet.com...
> A friend asked me something but as I know nothing about wifi I couldn't
> answer it. I'm hoping someone here can :o )
>
> If he takes his laptop into a cafe or a bar where there is an open wifi
> hotspot (presumably these are called access points??) and say, for
instance,
> he logs on to his ISPs mail server to pick up his email through that
access
> point, how secure is that connection?

ZIP, NADA, ZERO, ZILCH, IT ISN'T

>Would the login info for his email
> server be cached anywhere for the owner of the access point (or anyone
else
> for that matter) to see after he's left the cafe?
>
> Sorry if these are really basic questions but as they say on "Who Wants to
> be a Millionaire?" the questions are only easy if you know the answers
:o )
>
> Cheers,
>
> Mogweed
>
>
Anonymous
a b 8 Security
August 16, 2004 3:04:53 PM

Archived from groups: alt.internet.wireless (More info?)

On Mon, 16 Aug 2004 11:04:52 +0000 (UTC), "Mogweed"
<mogweedTWOTHOUSAND@hotmail.com> wrote:

>If he takes his laptop into a cafe or a bar where there is an open wifi
>hotspot (presumably these are called access points??) and say, for instance,
>he logs on to his ISPs mail server to pick up his email through that access
>point, how secure is that connection?

Totally insecure. Anyone can "sniff" the traffic. There are
applications to re-assemble email messages (both POP3 and SMTP) from
sniffed packets. Worse, his POP3 and SMTP authentication logins and
passwords are normally sent unencrypted and can be easily extracted
from the sniffed packets. Very few hot spots use any form of RF
security (WEP, WPA, VPN) and are therefore completely insecure.

Methinks that the best way to check your mail is through a secure web
server using SSL, or through a VPN provided by the ISP. These cannot
be sniffed. However, most users screw up badly by setting their email
clients to "check mail on startup" or "check mail every xx minutes"
which are usually the default. Same with cute little system tray
applications or IM clients that inform you that there is mail waiting.
These send the POP3 login and password when the computer boots, and
BEFORE a secure tunnel can be established. The only thing worth
sniffing from these is the login and password, but that's all I'm
usually interested in collecting. Anyway, I suggest you turn OFF
automatic mail checking on laptops.

One of the fun things to do is fire up a sniffer in areas where there
are a suitable number of wireless users and run a JPG sniffer:
http://ntkernelhacker.tripod.com/wireless/Pikachu.html
http://www.etherpeg.org
You get to see what everyone else is browsing. Amazing how much porno
comes across the wireless (usually from spyware) in the least expected
places. It also captures email, but that's usually boring.

List of WinPcap based wireless sniffer tools:
http://winpcap.polito.it/misc/links.htm
Most are legitimate, but there are some interesting tools mixed in.

>Would the login info for his email
>server be cached anywhere for the owner of the access point (or anyone else
>for that matter) to see after he's left the cafe?

No. It would be cached on my laptop, that I left running with a
wireless sniffer, in my parked car, near the hot spot. Capturing
passwords is not a desireable feature and besides most hot spots are
rather unsophisticated.

>Sorry if these are really basic questions but as they say on "Who Wants to
>be a Millionaire?" the questions are only easy if you know the answers :o )

Intelligence is largely the ability to ask the right questions.


--
Jeff Liebermann jeffl@comix.santa-cruz.ca.us
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 AE6KS 831-336-2558
Related resources
Anonymous
a b 8 Security
August 16, 2004 3:22:54 PM

Archived from groups: alt.internet.wireless (More info?)

"Mogweed" <mogweedTWOTHOUSAND@hotmail.com> wrote in
news:cfq4ck$j5q$1@titan.btinternet.com:

> A friend asked me something but as I know nothing about wifi I
> couldn't answer it. I'm hoping someone here can :o )
>
> If he takes his laptop into a cafe or a bar where there is an open
> wifi hotspot (presumably these are called access points??) and say,
> for instance, he logs on to his ISPs mail server to pick up his email
> through that access point, how secure is that connection? Would the
> login info for his email server be cached anywhere for the owner of
> the access point (or anyone else for that matter) to see after he's
> left the cafe?
>
> Sorry if these are really basic questions but as they say on "Who
> Wants to be a Millionaire?" the questions are only easy if you know
> the answers :o )
>

It's not secure at all from what I understand. They do have ISP(s) that
provide a VPN solution for user who use wireless hot spots or cafes. The
VPN client software is installed on the user's computer allowing the
computer to make a VPN secure connection between the wireless computer
and the VPN server software on the ISP's server. A secure and encrypted
connection VPN end point to VPN end point prevents someone from
eavesdropping on the traffic on the wireless. You'll have to search
Google for those VPN ISP(s) as they are out there.

Duane :) 
August 16, 2004 7:40:28 PM

Archived from groups: alt.internet.wireless (More info?)

If the ISP is a standard cable/ADSL provider, then connecting to the POP
mail server is typically *not* encrypted. Login to the ISP's web service,
which may use the same userid/password, often is secured. My SBC ADSL
service appears to always encrypt the userid/password during web login, and
offers a secure login button on the splash page which causes the entire
transaction to be encrypted. However, whenever I read email from the pop
server, the same userid/password are sent in the clear to the POP server.

I try to use web email from hotspots, since the web login that permits this
is encrypted. Also, I try to remember to log off the ISP before
disconnecting at the hotspot. Not logging off may permit an eavesdropper to
spoof your identity after you've left by using your MAC address.

And, of course, unless you are using a VPN or an https web page, you should
always assume that everything is completely readable to anyone who wants to
eavesdrop.

"Mogweed" <mogweedTWOTHOUSAND@hotmail.com> wrote in message
news:cfq4ck$j5q$1@titan.btinternet.com...
> A friend asked me something but as I know nothing about wifi I couldn't
> answer it. I'm hoping someone here can :o )
>
> If he takes his laptop into a cafe or a bar where there is an open wifi
> hotspot (presumably these are called access points??) and say, for
instance,
> he logs on to his ISPs mail server to pick up his email through that
access
> point, how secure is that connection? Would the login info for his email
> server be cached anywhere for the owner of the access point (or anyone
else
> for that matter) to see after he's left the cafe?
>
> Sorry if these are really basic questions but as they say on "Who Wants to
> be a Millionaire?" the questions are only easy if you know the answers
:o )
>
> Cheers,
>
> Mogweed
>
>
Anonymous
a b 8 Security
August 16, 2004 7:50:52 PM

Archived from groups: alt.internet.wireless (More info?)

"Mogweed" <mogweedTWOTHOUSAND@hotmail.com> wrote in message
news:cfq4ck$j5q$1@titan.btinternet.com...
> A friend asked me something but as I know nothing about wifi I couldn't
> answer it. I'm hoping someone here can :o )
>
> If he takes his laptop into a cafe or a bar where there is an open wifi
> hotspot (presumably these are called access points??) and say, for
instance,
> he logs on to his ISPs mail server to pick up his email through that
access
> point, how secure is that connection? Would the login info for his email
> server be cached anywhere for the owner of the access point (or anyone
else
> for that matter) to see after he's left the cafe?

The radio connection from his laptop to the Access Point is insecure; anyone
can eavesdrop. The wire connection from the Access Point to the cloud is
also insecure: anyone with minimal skill can eavesdrop there, too. The
connection from the cloud to the originating computer the email was sent
from ...

If your friend has any secrets to keep and wants to send them via email,
tell him to go to http://www.thawte.com/email/index.html and get a (free)
email certificate so his friends can encrypt email they send him. His
friends, of course, will need to do the same, and then he can send them
encrypted replies.

Once that system is in place, the end points will be the only insecure
nodes: everything between them will be secure. Securing the originating and
terminating computers is left as an excercise for the reader.

HTH.

William
(Filter noise from my address for direct replies.)
Anonymous
a b 8 Security
August 16, 2004 7:50:53 PM

Archived from groups: alt.internet.wireless (More info?)

On Mon, 16 Aug 2004 15:50:52 GMT, "William Warren"
<william_warren_nonoise@comcast.net> wrote:

>If your friend has any secrets to keep and wants to send them via email,
>tell him to go to http://www.thawte.com/email/index.html and get a (free)
>email certificate so his friends can encrypt email they send him. His
>friends, of course, will need to do the same, and then he can send them
>encrypted replies.

One small problem... no self respecting hacker is interested in the
contents of your email one message at a time. It's the login and
password that is important and encrypting the payload does nothing for
protecting the login and password. It's a variation on identity theft
and here's how it works. I sniff your login and password. I would
immediately login to your ISP's account admin page and change your
password. You're now locked out of your own account. I would then
snoop around and extract some personal info (name, phone number,
address, zip code, address book, bank numbers, SSI, etc). I would
then go to various accounts (ebay, paypal, banks) and select "forgot
my password" which will email back the current or a new password.
They will ask some kind of mundane authentication question that can
usually be extracted from the personal info (i.e. acct number, zip
code). If successful, I would login to PayPal or your bank and start
spending wildly using your account. When done, I would erase the new
email messages, and reset the password back to the original. You
would not know what hit you until the bill arrives.

Never mind the payload, protect the passwords.

Note: I've never actually done this, but I've dealt with situations
where it has happened.

>Once that system is in place, the end points will be the only insecure
>nodes: everything between them will be secure. Securing the originating and
>terminating computers is left as an excercise for the reader.

Umm... Sniffing the ethernet connection, or even the tapping the DSL
line is possible, but not very sporting.

Having your own SSL certificate is kinda nice, but for my business
communications and HIPAA, I use various PGP mutations.
http://web.mit.edu/network/pgp.html
http://www.pgp.net
http://www.gnupg.org
http://www.pgp.com/products/
Actually, I've been getting lazy lately and using ROT-13 and UUCP over
TCP to my own servers, which most sniffing hackers don't have a clue
how it works. Security by obscurity is not at all secure, but I
figure it's better than nothing.


--
Jeff Liebermann jeffl@comix.santa-cruz.ca.us
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 AE6KS 831-336-2558
Anonymous
a b 8 Security
August 16, 2004 8:32:19 PM

Archived from groups: alt.internet.wireless (More info?)

> Methinks that the best way to check your mail is through a secure web
> server using SSL, or through a VPN provided by the ISP. These cannot

What's wrong with IMAP/SSL (which has been either the recommended or the
only way to read mail at my work for the last several years).

> be sniffed. However, most users screw up badly by setting their email
> clients to "check mail on startup" or "check mail every xx minutes"
> which are usually the default. Same with cute little system tray

I don't see in what way such settings affect security.


Stefan
Anonymous
a b 8 Security
August 16, 2004 8:32:20 PM

Archived from groups: alt.internet.wireless (More info?)

On Mon, 16 Aug 2004 16:32:19 GMT, Stefan Monnier
<monnier@iro.umontreal.ca> wrote:

>> Methinks that the best way to check your mail is through a secure web
>> server using SSL, or through a VPN provided by the ISP. These cannot
>
>What's wrong with IMAP/SSL (which has been either the recommended or the
>only way to read mail at my work for the last several years).

Nothing wrong. Works fine if the ISP offers it. None of the ISP's I
use offer it. I do have IMAP4+SSL running on my office server for
testing, but never use it. Personally, I prefer VPN tunnels to my own
servers as it has other uses besides moving email and SSH for
character based stuff, because it's easy (using Putty). I'm not a
security expert and I'm sure I missed some other authorization,
authentication, and encryption mechanisms.

>> be sniffed. However, most users screw up badly by setting their email
>> clients to "check mail on startup" or "check mail every xx minutes"
>> which are usually the default. Same with cute little system tray

>I don't see in what way such settings affect security.

Easy. Such applications are usually setup to send the login and
password in the clear. In order to determine how many messages you
have waiting, the application needs to send the POP3 login and
password sequence. For example, I use AIM (AOL Instant Mess) and it
will happily check if I have any email waiting at all my various
accounts. Too bad it does it by sending it directly to my ISP's POP3
server instead of going through the VPN tunnel I have setup. That's
because it starts up *BEFORE* the tunnel is established, doesn't know
about the tunnel, and doesn't have any mechanism to determining the
preferred route to the POP3 server. By default, it sends the POP3
login and password every 5 minutes, giving someone many chances at
sniffing the traffic and extracting the login and password.

Suggestion: Fire up a sniffer (wireless or ethernet) and sniff your
own traffic. Setup a trap to log every time the sniffer see's your
POP3 login and password. You'll be amazed at how many applications
are trying to be helpful and check your mailbox in the clear. As I
posted in another message, it's the login/passwd that's important, not
the payload.


--
Jeff Liebermann jeffl@comix.santa-cruz.ca.us
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 AE6KS 831-336-2558
August 16, 2004 9:10:01 PM

Archived from groups: alt.internet.wireless (More info?)

"Jeff Liebermann" <jeffl@comix.santa-cruz.ca.us> wrote in message
news:kdk1i0pg07tkdcpc39k54ufm05oeqeis5m@4ax.com...
> On Mon, 16 Aug 2004 11:04:52 +0000 (UTC), "Mogweed"
> <mogweedTWOTHOUSAND@hotmail.com> wrote:
>
> One of the fun things to do is fire up a sniffer in areas where there
> are a suitable number of wireless users and run a JPG sniffer:
> http://ntkernelhacker.tripod.com/wireless/Pikachu.html
> http://www.etherpeg.org
> You get to see what everyone else is browsing. Amazing how much porno
> comes across the wireless (usually from spyware) in the least expected
> places. It also captures email, but that's usually boring.
>
> List of WinPcap based wireless sniffer tools:
> http://winpcap.polito.it/misc/links.htm
> Most are legitimate, but there are some interesting tools mixed in.
>

Do any of these work with 802.11 adapters on XP? Last I checked, Ethereal
(which uses WinPcap) still does not claim to work on XP because there is no
standardized interface to put 802.11 chips into promiscuous mode.

> --
> Jeff Liebermann jeffl@comix.santa-cruz.ca.us
> 150 Felker St #D http://www.LearnByDestroying.com
> Santa Cruz CA 95060 AE6KS 831-336-2558
Anonymous
a b 8 Security
August 16, 2004 9:10:02 PM

Archived from groups: alt.internet.wireless (More info?)

On Mon, 16 Aug 2004 17:10:01 GMT, "gary" <pleasenospam@sbcglobal.net>
wrote:

>> List of WinPcap based wireless sniffer tools:
>> http://winpcap.polito.it/misc/links.htm
>> Most are legitimate, but there are some interesting tools mixed in.

>Do any of these work with 802.11 adapters on XP? Last I checked, Ethereal
>(which uses WinPcap) still does not claim to work on XP because there is no
>standardized interface to put 802.11 chips into promiscuous mode.

I could swear I had Ethereal running on WinPcap 3.1beta3 on XP Pro
(pre-SP2) to sniff wireless packets. However, I don't own an XP
machine, so I can't try it right now[1]. As I vaguely recall, I had
to install the WildPackets Orinoco driver to enable promiscuous mode.
http://www.wildpackets.com/support/hardware/ap_lucent_d...
Also, methinks the W2K/XP NDIS 3.0 drivers will work with Ethereal.
Those certainly work in promiscuous mode as Netstumbler and others use
NDIS3.

I'll try it when I have the time and an XP laptop that I can destroy.

I do most of my sniffing using Linux (Kismet and Ethereal). However,
my Linux hard disk crashed so I'm using a bootable cdrom full of
wireless security tools. See:
http://moser-informatik.ch/?page=products&lang=eng
which includes all these tools:
http://moser-informatik.ch/tools.html
For logging, I use SSLWRAP to build a tunnel to my office server and
dump the capture logs there.

Also, the WinPcap FAQ recommends trying Windump:
http://windump.polito.it
to see if WinPcap can grab traffic. I just tried it on my W2K box and
it does show packets.

[1] I'm taking the day off to fix my truck, where chargeing an open
circuit blew the alternator and glow plug timer controller. Time to
get greasy.


--
Jeff Liebermann jeffl@comix.santa-cruz.ca.us
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 AE6KS 831-336-2558
Anonymous
a b 8 Security
August 16, 2004 10:37:36 PM

Archived from groups: alt.internet.wireless (More info?)

>> What's wrong with IMAP/SSL (which has been either the recommended or the
>> only way to read mail at my work for the last several years).
> Nothing wrong. Works fine if the ISP offers it. None of the ISP's I
> use offer it.

A damn shame! Since they probably don't offer VPN either, you're basically
stuck with a webmail/SSL which can be rather painful to use.
Luckily you don't have to use your ISP's email system: after all, it's an
*I*SP, not an *E*SP.

>>> be sniffed. However, most users screw up badly by setting their email
>>> clients to "check mail on startup" or "check mail every xx minutes"
>>> which are usually the default. Same with cute little system tray
>> I don't see in what way such settings affect security.
> Easy. Such applications are usually setup to send the login and
> password in the clear. In order to determine how many messages you

Well, sending them in the clear is the problem, then, obviously.
Checking mail at startup and/or regularly is mostly orthogonal.

> have waiting, the application needs to send the POP3 login and
> password sequence. For example, I use AIM (AOL Instant Mess) and it
> will happily check if I have any email waiting at all my various
> accounts. Too bad it does it by sending it directly to my ISP's POP3
> server instead of going through the VPN tunnel I have setup. That's
> because it starts up *BEFORE* the tunnel is established, doesn't know
> about the tunnel, and doesn't have any mechanism to determining the
> preferred route to the POP3 server. By default, it sends the POP3
> login and password every 5 minutes, giving someone many chances at
> sniffing the traffic and extracting the login and password.

Make sure the server is *not-reachable* unless the VPN is up
(it's behind a firewall and the VPN gets you through that firewall).

> Suggestion: Fire up a sniffer (wireless or ethernet) and sniff your
> own traffic. Setup a trap to log every time the sniffer see's your
> POP3 login and password. You'll be amazed at how many applications
> are trying to be helpful and check your mailbox in the clear.

I wouldn't trust any application like AIM with my password anyway.

> As I posted in another message, it's the login/passwd that's important,
> not the payload.

100% agreement. Tho, the password is sometimes part of the payload.


Stefan
Anonymous
a b 8 Security
August 16, 2004 10:56:33 PM

Archived from groups: alt.internet.wireless (More info?)

"Jeff Liebermann" <jeffl@comix.santa-cruz.ca.us> wrote in message
news:r4n1i05mhi92ce1vcmh6qr0afsh3utlspt@4ax.com...
> On Mon, 16 Aug 2004 15:50:52 GMT, "William Warren"
> <william_warren_nonoise@comcast.net> wrote:
>
> >If your friend has any secrets to keep and wants to send them via email,
> >tell him to go to http://www.thawte.com/email/index.html and get a (free)
> >email certificate so his friends can encrypt email they send him. His
> >friends, of course, will need to do the same, and then he can send them
> >encrypted replies.
>
> One small problem... no self respecting hacker is interested in the
> contents of your email one message at a time. It's the login and
> password that is important and encrypting the payload does nothing for
> protecting the login and password. [snip]
>
> Never mind the payload, protect the passwords.
>
[snip]

> >Once that system is in place, the end points will be the only insecure
> >nodes: everything between them will be secure. Securing the originating
and
> >terminating computers is left as an excercise for the reader.
>
> Umm... Sniffing the ethernet connection, or even the tapping the DSL
> line is possible, but not very sporting.

But easy for someone who really wants what you've got: including phishers.
As I said, the endpoints remain insecure, and protecting them (and the
passwords) is a different topic. Although I concede that "everything between
them" only applies to the encrypted email, I was trying to make the point
that it's futile to secure only one link in a long chain. We have to think
end-to-end, and that includes end-to-end protection for sessions with your
IMAP/POP server.

I realize that POP ID's and passwords can be used to gain other passwords,
but don't forget that most services now require a challenge-reponse
transaction for "Lost Password" requests, where they ask (for example) the
name of your favorite pet. In any case,since my ISP doesn't support SSL for
POP sessions, I use a "sub" account for day-to-day email, which is set up so
that it can't change its own password, and I _never_ allow email from places
like Ebay or Billpay anywhere near it. If I want to check email on my other
account names, I use SquirrelMail (http://www.squirrelmail.org/) and SSL
connections to my home server, which is as secure as the various bills and
documents in my file cabinet.

> Having your own SSL certificate is kinda nice, but for my business
> communications and HIPAA, I use various PGP mutations.
> http://web.mit.edu/network/pgp.html
> http://www.pgp.net
> http://www.gnupg.org
> http://www.pgp.com/products/

I like gpg for the Unix world: Mutt and Exim support it natively, but SSL is
built into OE, Netscape Messenger, Mozilla, etc., so I prefer it for my
Wintel clients who need Plug 'N Pray operation and "one click" simplicity.

> Actually, I've been getting lazy lately and using ROT-13 and UUCP over
> TCP to my own servers, which most sniffing hackers don't have a clue
> how it works. Security by obscurity is not at all secure, but I
> figure it's better than nothing.

It's better than tying a Garlic clove around your neck, since we can prove
it's inefective ;-J.

The point is that anyone wanting security, for passwords _or_ email or
anything else, has to think end-to-end.

HTH. YMMV.

William
August 16, 2004 11:03:27 PM

Archived from groups: alt.internet.wireless (More info?)

"Jeff Liebermann" <jeffl@comix.santa-cruz.ca.us> wrote in message
news:eus1i0hte1ord8keihmktuqb5r395k7lus@4ax.com...
> On Mon, 16 Aug 2004 17:10:01 GMT, "gary" <pleasenospam@sbcglobal.net>
> wrote:
>
> >> List of WinPcap based wireless sniffer tools:
> >> http://winpcap.polito.it/misc/links.htm
> >> Most are legitimate, but there are some interesting tools mixed in.
>
> >Do any of these work with 802.11 adapters on XP? Last I checked, Ethereal
> >(which uses WinPcap) still does not claim to work on XP because there is
no
> >standardized interface to put 802.11 chips into promiscuous mode.
>
> I could swear I had Ethereal running on WinPcap 3.1beta3 on XP Pro
> (pre-SP2) to sniff wireless packets. However, I don't own an XP
> machine, so I can't try it right now[1]. As I vaguely recall, I had
> to install the WildPackets Orinoco driver to enable promiscuous mode.
> http://www.wildpackets.com/support/hardware/ap_lucent_d...
> Also, methinks the W2K/XP NDIS 3.0 drivers will work with Ethereal.
> Those certainly work in promiscuous mode as Netstumbler and others use
> NDIS3.

If you install a proprietary (= not free, costs money) driver that exports
an NDIS interface with Ethernet-style promiscuous control, then WinPcap will
probably work. The proprietary drivers that come with wifi cards do NOT
export such an interface. The drivers that come with commercial network
analyzer software of course do. But I just checked, and AiroPeek costs at
least $1000 retail. As an end user, I'm not paying that kind of money. And,
since I'm not ethics-impaired, I'm not going to rip off a bootleg driver.

Ethereal will certainly sniff packets on my XP, but *only* if I disable
promiscuous mode. The packets I see are from the virtual Ethernet interface
exported by my D-Link wifi driver. It filters out any management frames, and
of course I only see traffic to/from the client, not any other net traffic.

NetStumbler has never worked right on my XP. It sometimes appears to work
when my D-Link driver has already initialized the network, but if try to get
NetStumbler to do the probing, I get mixed results. If I disable/enable the
D-Link adapter, NetStumbler won't even start.

>
> I'll try it when I have the time and an XP laptop that I can destroy.
>
> I do most of my sniffing using Linux (Kismet and Ethereal). However,
> my Linux hard disk crashed so I'm using a bootable cdrom full of
> wireless security tools. See:
> http://moser-informatik.ch/?page=products&lang=eng
> which includes all these tools:
> http://moser-informatik.ch/tools.html
> For logging, I use SSLWRAP to build a tunnel to my office server and
> dump the capture logs there.
>
> Also, the WinPcap FAQ recommends trying Windump:
> http://windump.polito.it
> to see if WinPcap can grab traffic. I just tried it on my W2K box and
> it does show packets.
>
> [1] I'm taking the day off to fix my truck, where chargeing an open
> circuit blew the alternator and glow plug timer controller. Time to
> get greasy.
>
>
> --
> Jeff Liebermann jeffl@comix.santa-cruz.ca.us
> 150 Felker St #D http://www.LearnByDestroying.com
> Santa Cruz CA 95060 AE6KS 831-336-2558
Anonymous
a b 8 Security
August 17, 2004 1:44:50 AM

Archived from groups: alt.internet.wireless (More info?)

"gary" <pleasenospam@sbcglobal.net> wrote in message
news:3y7Uc.8081$o54.5088@newssvr22.news.prodigy.com...
>
> "Jeff Liebermann" <jeffl@comix.santa-cruz.ca.us> wrote in message
> news:eus1i0hte1ord8keihmktuqb5r395k7lus@4ax.com...
> > On Mon, 16 Aug 2004 17:10:01 GMT, "gary" <pleasenospam@sbcglobal.net>
> > wrote:
> >

I just want to say a big thank-you to all who have taken time to reply to my
original query. It's much appreciated and I'm sure my friend will be more
than happy with all the info you've provided.

Cheers guys,

Mogweed.
!